James Vega reported an untrusted search path vulnerability in the
Python interface.

Impact

A local attacker could entice a user to run Epiphany from a directory
containing a specially crafted python module, resulting in the
execution of arbitrary code with the privileges of the user running
Epiphany.